Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

automatic jump to privilege level 15 in PIX/ASA

Hi, with IOS router and switch I'm able to authorize the user to jump automatically to the correct privilege level in login phase, as configured in authorization privilege field in ACS.

With PIX/ASA the jump does not run: why ?

thank you in advance

RS

3 REPLIES

Re: automatic jump to privilege level 15 in PIX/ASA

It's a security feature. Requires knowing two passwords to get full access to the device.

HTH and please rate if it does.

New Member

Re: automatic jump to privilege level 15 in PIX/ASA

I have the same kind of problem but with different RADIUS server (FreeRADIUS) and ASA 5520 (7.2). Is there a way to log into ASA with defined privilege level ? It is possible to define local user but it doesn't work with RADIUS logging enabled.

Thanks in advance for any help

Re: automatic jump to privilege level 15 in PIX/ASA

I have to disagree here.

It's not a security feature. The privilege level feature was never properly implemented in the PIX/ASA. You may call it a bug

I would have been a security feature if it would be implemented on all privilege levels besides level 15, so that users were prevented from going directly to priv. exec mode. But on the ASA/PIX, it does not work for any level (as the feature was not implemented).

Regards


Farrukh

1113
Views
5
Helpful
3
Replies